Thinmanager
CVE-2025-3617
HIGH
Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the directory to inherit permissions from the parent directory. If exploited, a threat actor could inherit elevated privileges.
AnalysisAI
A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Incorrect Default Permissions (CWE-276), which allows attackers to access resources due to overly permissive default settings. A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the directory to inherit permissions from the parent directory. If exploited, a threat actor could inherit elevated privileges. Affected products include: Rockwellautomation Thinmanager.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Set restrictive default permissions, follow principle of least privilege, review defaults during deployment.
More in Thinmanager
View allIn affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer.
In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager Thi
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. Rated
CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. Rated critical severity (CVSS 9.3)
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injectio
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or r
CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. Rated high severity (CVSS 8.7),
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread wi
A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vu
CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists
Rockwell Automation ThinManager product allows the use of medium strength ciphers. Rated high severity (CVSS 7.5), this
In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is
Same weakness CWE-276 – Incorrect Default Permissions
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today